Systems and methods for providing repeated use of computing resources

ABSTRACT

Systems, methods, and non-transitory computer-readable media can provide access to a first-level computing resource via a service catalog. In some instances, the first-level computing resource can be created by a first entity. Moreover, a second-level computing resource can be received. In some cases, the second-level computing resource can be created by a second entity based, at least in part, on the first-level computing resource. Access to the second-level computing resource can be provided via the service catalog. Relational information associated with the first-level computing resource and the second-level computing resource can be tracked.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.15/413,243, filed Jan. 23, 2017, which is a continuation of U.S. patentapplication Ser. No. 14/213,540, filed Mar. 14, 2014, entitled “SYSTEMSAND METHODS FOR PROVIDING REPEATED USE OF COMPUTING RESOURCES,” which isa continuation-in-part of U.S. patent application Ser. No. 13/842,413,filed Mar. 15, 2013 (now U.S. Pat. No. 9,489,647, issued Nov. 8, 2016),entitled “SYSTEM AND METHOD FOR A CLOUD COMPUTING ABSTRACTION WITHSELF-SERVICE PORTAL”, which is a continuation-in-part of U.S. patentapplication Ser. No. 13/354,275, filed Jan. 19, 2012 (now U.S. Pat. No.9,069,599, issued Jun. 30, 2015), entitled “SYSTEM AND METHOD FOR ACLOUD COMPUTING ABSTRACTION LAYER WITH SECURITY ZONE FACILITIES”, whichclaims priority to U.S. Provisional Patent Application No. 61/434,396filed Jan. 19, 2011, entitled “SYSTEM AND METHOD FOR CLOUD COMPUTING”,and which is a continuation-in-part of U.S. patent application Ser. No.13/009,774 (“the '774 application”) filed Jan. 19, 2011 (now U.S. Pat.No. 8,931,038, issued Jun. 1, 2015) entitled “SYSTEM AND METHOD FOR ACLOUD COMPUTING ABSTRACTION LAYER”; the '774 application claims priorityto U.S. Provisional Patent App. No. 61/296,405 filed on Jan. 19, 2010,entitled “ENTERPRISE CLOUD SYSTEM AND METHOD”, and is acontinuation-in-part of U.S. patent application Ser. No. 12/488,424entitled “CLOUD COMPUTING GATEWAY, CLOUD COMPUTING HYPERVISOR, ANDMETHODS FOR IMPLEMENTING SAME” filed Jun. 19, 2009 (now U.S. Pat. No.8,514,868, issued Aug. 20, 2013), and published as U.S. Publication No.20100027552 on Feb. 4, 2010, and which claims priority to U.S.Provisional Patent Application No. 61/074,027 filed Jun. 19, 2008entitled “CLOUD COMPUTING GATEWAY AND CLOUD COMPUTING HYPERVISOR”; eachof which is hereby incorporated herein by reference in its entirety.

FIELD OF THE INVENTION

The present technology relates to the field of computing resources. Moreparticularly, the present technology relates to systems and techniquesfor providing repeated use of computing resources.

BACKGROUND

The use of computing resources, such as cloud computing resources, isbecoming increasingly commonplace. Users of cloud computing services canutilize computing resources provided by the cloud computing services toperform a wide variety of tasks, such as providing infrastructure,platforms, or applications (e.g., software, services). In one example,entities such as corporations can utilize cloud computing to providelow-level infrastructure offerings. In another example, entities canutilize cloud computing to provide middle-level platform offerings. In afurther example, entities such as application developers can utilizecloud environments to provide high-level application offerings.

In some cases, computing resources can be provided via service catalogs(or self-service portals). Service catalogs can provide users withaccess to computing resources (or other offerings) that are availablefor consumption or utilization. With respect to conventional approaches,there is usually a limited number of entities who build or create thecomputing resources, but a larger number of entities who consume orutilize the computing resources. As a result, under conventionalapproaches, the spectrum of available computing resources can be limitedand the process of developing or providing these computing resources canbe costly, time-consuming, and inefficient. These and other concerns cancreate challenges for and reduce the overall experience associated withbuilding and utilizing computing resources.

SUMMARY

Various embodiments of the present disclosure can include systems,methods, and non-transitory computer readable media configured toprovide access to a first-level computing resource via a servicecatalog. In some instances, the first-level computing resource can becreated by a first entity. Moreover, a second-level computing resourcecan be received. In some cases, the second-level computing resource canbe created by a second entity based, at least in part, on thefirst-level computing resource. Access to the second-level computingresource can be provided via the service catalog. Relational informationassociated with the first-level computing resource and the second-levelcomputing resource can be tracked.

In one embodiment, the second-level computing resource can be associatedwith a higher-level than the first-level computing resource, and thethird-level computing resource can be associated with a higher-levelthan the second-level computing resource.

In one embodiment, each of the first-level computing resource, thesecond-level computing resource, and the third-level computing resourcecan correspond to at least one of an Infrastructure-as-a-Service (IaaS)offering, a Platform-as-a-Service (PaaS) offering, or aSoftware-as-a-Service (SaaS) offering.

In one embodiment, at least two of the first entity, the second entity,or the third entity can correspond to a single entity.

In one embodiment, the relational information can includes at least oneof financial information, licensing information, service-level agreement(SLA) information, or configuration information.

In one embodiment, one or more payments can be received from a fourthentity that accesses the third-level computing resource. The one or morepayments can be allocated to the first entity, the second entity, andthe third entity based on the relational information associated with thefirst-level computing resource, the second-level computing resource, andthe third-level computing resource.

In one embodiment, the relational information can indicate a firstportion of the one or more payments to be allocated to the first entity,a second portion of the one or more payments to be allocated to thesecond entity, and a third portion of the one or more payments to beallocated to the third entity.

In one embodiment, a marketplace configured to facilitate one or moreinteractions among users of the service catalog can be provided.

In one embodiment, a computing system can be associated with anabstraction layer of a cloud management system. The computing system canbe configure to provide for repeated use of computing resources.

Many other features and embodiments of the disclosed technology will beapparent from the accompanying drawings and from the following detaileddescription.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example scenario in which repeated use ofcomputing resources can be implemented, according to an embodiment ofthe present disclosure.

FIG. 2 illustrates an example scenario in which repeated use ofcomputing resources can be implemented, according to an embodiment ofthe present disclosure.

FIG. 3 illustrates an example scenario in which repeated use ofcomputing resources can be implemented and relational information can betracked, according to an embodiment of the present disclosure.

FIG. 4 illustrates an example system implementation configured toprovide repeated use of computing resources, according to an embodimentof the present disclosure.

FIG. 5 illustrates an example method implementation for providingrepeated use of computing resources, according to an embodiment of thepresent disclosure.

FIG. 6 illustrates an example method implementation for providingrepeated use of computing resources, according to an embodiment of thepresent disclosure.

FIG. 7 shows a diagram illustrating an example system in accordance withan embodiment of the present disclosure.

FIG. 8 shows a diagram illustrating an example management module inaccordance with an embodiment of the present disclosure.

FIG. 9 illustrates an example of a computing device or system that canbe used to implement one or more of the embodiments described herein,according to an embodiment of the present disclosure.

The figures depict various embodiments of the disclosed technology forpurposes of illustration only, wherein the figures use like referencenumerals to identify like elements. One skilled in the art will readilyrecognize from the following discussion that alternative embodiments ofthe structures and methods illustrated in the figures can be employedwithout departing from the principles of the disclosed technologydescribed herein.

DETAILED DESCRIPTION Providing Repeated Use of Computing Resources

It is becoming more commonplace to consume or utilize cloud computingresources. For example, users often consume cloud-based informationtechnology (IT) resources using a self-service portal or servicecatalog. In some instances, the cloud-based IT resources can becategorized as Infrastructure-as-a-Service (IaaS), Platform-as-a-Service(PaaS), or Software-as-a-Service (SaaS). In general, IaaS, PaaS, andSaaS resources can differ with respect to the “completeness” of theresource. For example, IaaS is usually associated with delivery oflow-level operating system instances and resources, whereas PaaS isassociated with delivery of a middle-ware environment and resources,which can be suitable for deploying application code. Moreover, SaaS isusually associated with delivery of high-level, full-featured,ready-to-use applications (e.g., software, services, programs, etc.).

In some embodiments, higher-level offerings can be built (e.g., created,generated, developed, etc.) based on lower-level offerings. Forinstance, one can build a PaaS offering by starting with an IaaSresource and then adding and configuring middle-ware software to theIaaS resource to create the PaaS offering. Similarly, one can build aSaaS application based on a PaaS resource or offering.

Under conventional approaches, self-service portals or service catalogscan operate in a somewhat restricted fashion. With respect toconventional approaches to providing offerings (or computing resources),there can be a relatively small number of entities who create or buildofferings and a relatively larger number of entities who consume orutilize offerings.

Various embodiments of the present disclosure can provide for repeateduse (e.g., recursive consumption and/or publication) of computingresources or offerings, such as cloud computing resources or offerings.The disclosed technology can provide a self-service portal or servicecatalog configured to allow for a layered creation of offerings by arelatively larger number of users or entities. In some cases, a user canidentify and consume a low-level offering (e.g., IaaS) and use it tobuild a middle-level offering (e.g., PaaS) by adding and configuringmiddle-ware software components. The middle-level offering can then be“republished” back into (or made available at) the self-service portalor service catalog for consumption by other users. Further, amiddle-level offering, such as the middle-level offering built based onthe low-level offering, can be consumed and used to create a high-leveloffering (e.g., SaaS). The high-level offering can also be republishedback into the self-service portal or service catalog for subsequentconsumption or utilization. Relational information associated with thelow-level, middle-level, and/or high-level offerings can also betracked, such as for payment allocation and/or licensing purposes.Accordingly, the disclosed technology can, for example, provide animproved approach to consuming and publishing computing resources (e.g.,repeatedly or recursively), allow for a larger number of entities tobuild and offer computing resources, and permit a wider variety ofcomputing resources to be published and available.

FIG. 1 illustrates an example scenario 100 in which repeated use ofcomputing resources can be implemented, according to an embodiment ofthe present disclosure. The example scenario 100 can include a repeateduse module (e.g., component, unit, system, etc.) 102. In someembodiments, the repeated use module 102 can be implemented in,integrated with, or can correspond to a service catalog, which canreside, in part or in whole, within an abstraction layer of a cloudmanagement system/platform. The repeated use module 102 can beconfigured to automate and facilitate repeated use (e.g., recursiveconsumption and/or publication) of computing resources or offerings. Forexample, the repeated use module 102 can provide access to a low-levelresource such as IaaS 104, a high-level resource such as SaaS 108, aswell as one or more intermediate-level or middle-level resources such asPaaS 106.

In the example of FIG. 1, the repeated use module 104 can be configuredto provide User A 110 with access to the low-level resource (e.g., IaaS104). The low-level resource can provide infrastructure, an operatingsystem (OS), and/or other low-level features. User A 110 can consume orutilize the low-level resource to build, create, or develop amiddle-level resource (e.g., PaaS 106). For instance, User A 110 can addmiddleware and/or other middle-level functionality, such as web servers,applications servers, storage systems, databases, etc., to the low-levelresource in order to create the middle-level resource. Subsequently,User A 110 can “publish” (e.g., make available, provide, offer, release,etc.) the middle-level resource via the repeated use module 102. Therepeated use module 102 can then provide access to the middle-levelresource for consumption.

Continuing with the example of FIG. 1, User B 112 can search for, find,and/or identify the middle-level resource (e.g., PaaS 106) via therepeated use module 102. User B 112 can consume the middle-levelresource and use it to develop a high-level resource (e.g., SaaS 108).For example, User B 112 can start with the middle-level resource anddeploy application code with respect to the middle-level resource togenerate a high-level resource (e.g., SaaS 108), such as an application,service, program, software, etc. User B 112 can publish and offer thegenerated high-level resource via the repeated use module 102. Forexample, User B 112 can republish (or publish) the high-level resourceback into the repeated use module 102 (or into a service catalogassociated with the repeated use module 102). The repeated use module102 (or associated service catalog) can enable the high-level resourceto be available for consumption. User C 114 can, for example, consumethe high-level resource.

Accordingly, the example scenario 100 of FIG. 1 can illustrate how therepeated use module 102 is configured to provide the ability to linkpublishing/republishing steps together, such as by publishing IaaS 104,(re-)publishing PaaS 106, and (re-)publishing SaaS 108.

In some instances, each of User A 110, User B 112, and User C 114 cancorrespond to an entity, such as a corporation, company, enterprise,organization, group, individual, virtual unit, etc., or any combinationthereof, or to any number of persons associated with the entity. In oneexample, User A 110, User B 112, and User C 114 can all correspond tothe same entity. In another example, at least two of User A 110, User B112, and User C 114 can correspond to the same entity. In a furtherexample, User A 110, User B 112, and User C 114 can correspond todifferent entities.

In some cases, the consumption of low-level resources (e.g., low-levelofferings, low-level services, etc.) and the republishing ofhigher-level resources (e.g., resources having a higher-level thanlow-level resources) built on the low-level resources can occur within asingle entity. For instance, the consumers, publishers, and/or users ofthe resources can correspond to different departments within an entity.In one example, an IT department of a company can create a PaaS offeringusing IaaS resources. Then application developers (e.g., business units)of the company can create a SaaS offering based on the PaaS offeringcreated by the company's IT department.

FIG. 2 illustrates an example scenario 200 in which repeated use ofcomputing resources can be implemented, according to an embodiment ofthe present disclosure. In some cases, the consumption and republishingof computing resources or offerings can, for example, occur amongdifferent entities, such as organizations, using a (global) self-serviceportal or service catalog. For instance, as shown in the examplescenario 200 of FIG. 2, Entity A 210 can create and offer/publish anIaaS resource 204 via a repeated use module 202 (or via a servicecatalog associated with the repeated use module 202). Entity B 212 can(find and) consume the IaaS resource 204 and use it to create a PaaSoffering 206. Entity B 212 can subsequently offer or (re-)publish thePaaS offering 206 back at the repeated use module 202 (or servicecatalog). Entity C 214 can (identify and) consume the PaaS offering 206published by Entity B 212 and can use it to create a SaaS offering 208.Entity C 214 can (re-)publish the SaaS offering 208 back at the repeateduse module 202 (or service catalog). Entity D 216 can then consume theSaaS offering 208 published by Entity C 214.

Furthermore, the disclosed technology can provide for the tracking,recording, and/or maintenance of relational information associated withvarious uses and/or users of the computing resources or offerings. FIG.3 illustrates an example scenario 300 in which repeated use of computingresources can be implemented and relational information can be tracked,according to an embodiment of the present disclosure. In someembodiments, relational information can refer to information associatedwith the relationships between various computing resources or offeringsprovided by a repeated use module 302 (or service catalog) and/or therelations between their consumers, publishers, and/or users. In someinstances, relational information can include (but is not limited to)information about money flow or finances (e.g., real money, virtualmoney, internal budget, etc.) associated with the various uses (e.g.,consumption, publication, republication, etc.) and/or users (e.g.,consumers, publishers, republishers, etc.) of the computing resources orofferings.

For instance, consumption of a low-level resource can “cost” a givenamount. A publisher or developer of a middle-level resource can createthe middle-level resource based on the low-level resource, and can offerthe created middle-level resource for sale. The publisher or developerof the middle-level resource can consider the given cost of thelow-level resource as a “cost of goods sold.” The publisher or developerof the middle-level level can accordingly price the middle-levelresource to cover the given cost of the low-level resource. In addition,a publisher or developer of a high-level resource can create thehigh-level resource based on the middle-level resource. The high-levelresource publisher or developer can also consider the price paid for themiddle-level resource as a “cost of goods sold.” As such, the high-levelresource publisher or developer can price its offered high-levelresource to cover the cost of the middle-level resource (whichincorporates the cost of the low-level resource). When a high-levelresource consumer pays for the high-level resource, the price paid cancover the costs associated with all of the high-level, middle-level, andlow-level resources. Various embodiments of the present disclosure cantrack (e.g., record, maintain, etc.) relational information, includingfinancial information, associated with various uses and/or users of thecomputing resources and can allocate or distribute financesappropriately based on the financial information.

In FIG. 3, the illustrated example scenario 300 can involve a repeateduse module 302 (and/or a service catalog associated with the repeateduse module 302). Entity A 310 can create and publish an IaaS resource304 via the repeated use module 302 (or service catalog). In thisexample, Entity A 310 can decide to charge $15 for the IaaS resource304.

Continuing with the example, Entity B 312 can find the IaaS resource 304and decide to consume or use the IaaS resource 304 to create a PaaSresource 306. Entity B 312 can decide to charge $35 for building thePaaS resource 306, which is built based on the $15 IaaS resource 304,and thus resulting in a total of $50 for the PaaS resource 306 built onthe IaaS resource 304. Entity B 312 can offer and republish the PaaSresource 306 back at the repeated use module 302 (or service catalog).

Subsequently, in this example, Entity C 314 can identify the PaaSresource 306 and decide to consume or use the PaaS resource 306 tocreate a SaaS resource 308. Entity C 314 can decide to charge $50 forbuilding the SaaS resource 308, which is built based on the $35 PaaSresource 306 and the $15 IaaS resource 304, and thus resulting in atotal of $100 for the SaaS resource 308 (incorporating the PaaS resource306 and the IaaS resource 304). Entity C 314 can then offer andrepublish the SaaS resource 308 back at the repeated use module 302 (orservice catalog).

Finally, in this example, Entity D 316 can decide to purchase the SaaSresource 308 and pay $100. As discussed previously, the repeated usemodule 302 can track the relational information, including financialinformation, associated with the SaaS resource 308, the PaaS resource306, and the IaaS resource 304 (and/or the relational informationassociated with Entity A 310, Entity B 312, and Entity C 314).Accordingly, the repeated use module 302 can automatically allocate(and/or distribute) the $100 paid by Entity D 316 in the appropriateamounts to Entity A 310, Entity B 312, and Entity C 314. In thisexample, 50% of the $100 (or $50) can be given to Entity C 314, 35% ofthe $100 (or $35) can be given to Entity B 312, and 15% of the $100 (or$15) can be given to Entity A 310.

Moreover, in some cases, other types of relational information can betracked by the repeated use module 302. For example, in addition tofinancial information, the repeated use module 302 can be configured totrack and apply other types of relational information including (but notlimited to) licensing information, service-level agreement (SLA)information, configuration information, and/or other similar types ofinformation. Further, constraints related to the relational informationcan be applied by the repeated use module 302.

With respect to licensing information as an example, the repeated usemodule 302 can receive and enforce licensing terms as constraints withrespect to an IaaS resource, a PaaS resource, a SaaS resource 108, orany other level of computing resource. For example, an entity thatpublishes a resource may offer the resource subject to specifiedlicensing terms to consumers of the resource. The licensing terms canlimit access to the resource based on any number and any types ofconstraints, such as number of seats, usage restrictions, geographicrestrictions, tiered pricing structures, time duration, competitiveexclusions, etc. The repeated use module 302 may enforce theseconstraints before or during consumption of the resource by any entity.For example, if the license terms provide that a consuming entity maynot exceed a predetermined number of seats, then the repeated use module302 may determine how many users associated with the entity are usingthe resource and cease access for users that exceed the permitted numberof seats.

As another example, the license terms on which the resource can beoffered to an entity may provide for usage restrictions. In this regard,if the license terms prohibit the combination of an offered resourcewith certain other resources (e.g., incompatible software, open sourcesoftware with copyleft, etc.), then the repeated use module 302 canprohibit such combination by a consuming entity.

As yet another example, the license terms for the resource published byan entity can exclude competitors of the entity from accessing theresource. In this case, the repeated use module 302, upon determiningthat a competitor to the entity seeks access to the resource, can denythe competitor access to the resource.

In a similar manner, the repeated use module 302 may apply constraintsassociated with SLAs and configuration information in the publicationand consumption of resources.

FIG. 4 illustrates an example system implementation configured toprovide repeated use of computing resources, according to an embodimentof the present disclosure. In FIG. 4, the example system implementationcan correspond to a repeated use module 400. The repeated use module 400can correspond to the repeated use module 102 of FIG. 1, the repeateduse module 202 of FIG. 2, the repeated use module 302 of FIG. 3, and/orthe repeated use module 750 of FIG. 7. The repeated use module 400 can,for example, comprise a consumption mechanism (or component, feature,unit, module, etc.) 402, a publication mechanism 404, a trackingmechanism 406, and a controller mechanism 408. The controller mechanism408 can be configured to manage or control the various tasks of therepeated use module 400, such as facilitating the interactions orcommunications among the consumption mechanism 402, the publicationmechanism 404, and/or the tracking mechanism 406. The controllermechanism 408 can also apply constraints relating to relationalinformation in the publication and consumption of resources, asdiscussed herein.

In some embodiments, the consumption mechanism 402 can be configured toperform operations associated with the consumption of computingresources or offerings. For example, the consumption mechanism 402 canbe configured to facilitate providing access to various computingresources or offerings for consumption.

In some embodiments, the publication mechanism 404 can be configured toperform operations associated with the publishing (or republishing) ofcomputing resources or offerings. For example, the publication mechanism404 can be configured to facilitate receiving various developed/createdcomputing resources or offerings to be offered and/or (re-)published.

In some embodiments, the tracking mechanism 406 can be configured toperform operations associated with tracking, recording, and/ormaintaining information (e.g., relational information) associated withvarious computing resources and/or users. For example, the trackingmechanism 406 can be configured to facilitate tracking relationalinformation including (but not limited to) financial information,licensing information, service-level agreement (SLA) information, and/orconfiguration information. In some embodiments, the tracking mechanism406 can also be configured to facilitate receiving one or more paymentsand allocating (and/or distributing) the one or more paymentsappropriately based on the relational information.

FIG. 5 illustrates an example method implementation 500 for providingrepeated use of computing resources, according to an embodiment of thepresent disclosure. It should be appreciated that there can beadditional, fewer, or alternative steps performed in similar oralternative orders, or in parallel, within the scope of the variousembodiments unless otherwise stated. At step 502, the example methodimplementation 500 can provide access to a first-level computingresource via a service catalog. In some instances, the first-levelcomputing resource can be created by a first entity.

Step 504 can include receiving a second-level computing resource. Insome implementations, the second-level computing resource can be createdby a second entity based, at least in part, on the first-level computingresource. Moreover, access to the second-level computing resource can beprovided via the service catalog, at step 506.

Then, the example method implementation 500 can track relationalinformation associated with the first-level computing resource and thesecond-level computing resource, at step 508. In some embodiments, therelational information can include (but is not limited to) at least oneof financial information, licensing information, service-level agreement(SLA) information, and/or configuration information, etc., as discussedpreviously.

FIG. 6 illustrates an example method implementation 600 for providingrepeated use of computing resources, according to an embodiment of thepresent disclosure. Again, there can be additional, fewer, oralternative steps performed in similar or alternative orders, or inparallel, within the scope of the various embodiments unless otherwisestated. The example method 600 can receive a third-level computingresource, at step 602. In some embodiments, the third-level computingresource can be created by a third entity based, at least in part, onthe second-level computing resource.

The example method 600 can provide access to the third-level computingresource via the service catalog, at step 604. Step 606 can includetracking relational information associated with the first-levelcomputing resource, the second-level computing resource, and thethird-level computing resource.

Furthermore, in some embodiments, one or more payments can be receivedfrom a fourth entity that accesses the third-level computing resource.The one or more payments can be allocated (and/or distributed) to thefirst entity, the second entity, and the third entity based on therelational information associated with the first-level computingresource, the second-level computing resource, and the third-levelcomputing resource.

In some cases, as discussed previously, the relational information canindicate a first portion of the one or more payments to be allocated tothe first entity, a second portion of the one or more payments to beallocated to the second entity, and a third portion of the one or morepayments to be allocated to the third entity. In some instances, each ofthe first, second, and third portions can include a specified amount, aproportion, and/or a percentage.

Moreover, many other variations or applications are possible. In someembodiments, one or more intermediate-level resources (e.g.,published/offered middle-level resources) can be optional. For instance,low-level resources such as IaaS can be used directly to createhigh-level resources such as SaaS. In one example, a developer orcreator can start with a low-level resource, add desired functionalityto the low-level resource, and generate a high-level resource (e.g.,application, service, etc.).

In some embodiments, the service catalog or self-service portal canoperate or work with various entities and allow for consumption and/or(re-)publishing at multiple levels.

In some embodiments, the various entities can correspond to differentcorporate entities. In some embodiments, the various entities cancorrespond to different departments or portions of a single entity. Insome embodiments, the various entities can correspond to a singleentity.

In some embodiments, the service catalog or self-service portal canhandle the money flow or licensing agreements between all parties in asingle-party or multi-party chain of publishers.

Various other embodiments and/or applications are also possible. In oneexample scenario, the disclosed technology can allow for the creation ofa marketplace or exchange for facilitating interactions among users(e.g., consumers, publishers, etc.) of computing resources or offerings.

It is further contemplated that there can be many other uses,applications, and/or variations associated with the various embodimentsof the present disclosure.

Abstraction Layer—Example Implementation

FIG. 7 shows a diagram illustrating an example system 710 in accordancewith an embodiment of the present disclosure. FIG. 7 illustrates acloud-computing environment 735 comprising one or more cloud-computingresources, a client network 731 comprising client computing devices 714(e.g., desktops, laptops, smart mobile devices), and a cloud-computingplatform 720 (i.e., cloud management abstraction layer, hybrid cloudmanagement platform) in accordance with an embodiment of the presentdisclosure. In FIG. 7, cloud-computing platform 720 provides a systemthrough which computing devices 714 residing on client network 731(e.g., enterprise network) can access one or more cloud-computingservices. A cloud-computing service can comprise a cloud-computingresource residing within the cloud-computing environment 735 and managedby the cloud-computing platform 720 to provide the cloud computingservice. Depending on the embodiment, cloud-computing environment 735may comprise one or more cloud providing networks that includecloud-computing resources (e.g., cloud services provided by public orprivate clouds, which may be external or internal to the enterprise thatuses them) that can be utilized by users. Additionally, depending on theembodiment, platform 720 may reside on the client network 731 orseparate from the client network 731.

Cloud-computing environment 735 may comprise an internal cloud, anexternal cloud, a private cloud, or a public cloud (e.g., commercialcloud). In the example of FIG. 7, cloud-computing environment 735comprises internal private cloud resource 738, external private cloudresource 741, and secure public cloud resource 744. A private cloud maybe implemented using a variety of cloud systems including, for example,Eucalyptus Systems, VMWare vSphere®, or Microsoft® HyperV. Providers ofpublic clouds may include, for example, Amazon EC2®, Amazon WebServices®, Terremark®, Savvis®, or GoGrid® Cloud-computing resourcesprovided by these clouds may include, for example, storage resources(e.g., Storage Area Network (SAN), Network File System (NFS), and AmazonS3®), network resources (e.g., firewall, load-balancer, and proxyserver), internal private resources, external private resources, securepublic resources, infrastructure-as-a-services (IaaSs),platform-as-a-services (PaaSs), or software-as-a-services (SaaSs).

By using cloud-computing platform 720 to plan, build, manage, or usecloud-computing resources within a cloud-computing environment, users ofplatform 720 can be provided with standardized access to a variety ofcloud-computing resources from disparate cloud-computing systems andproviders without concerning themselves with the proprietary details ofaccessing or interfacing with such cloud-computing systems andproviders. The platform 720 can be configured to take the workloads thatare developed with the platform 720 and automatically provide theinterfaces and access steps necessary to operate the workload on anyparticular platform or infrastructure element within a federation ofcloud computing resources, such that the user is able to interact withthe platform 720 to develop such workloads at a level of abstractionthat allows the user to configure the logic of the workload (includingconditional logic that allows interrelation of different workloads) andto embody the technical, operational, and business requirements of theworkload in policies that are associated with the workload, without theuser being required to access or understand the details of (or in somecases even know about the existence of) such particular platform orinfrastructure elements. Additionally, users of platform 720 can accesscloud-computing services through platform 720 on-demand and on aself-service basis through the standardized access. Users of cloudcomputing services offered by platform 720 may include end users,developers, partners, or administrators that reside on the clientnetwork 731.

Platform 720 may comprise planner module 723, manager module 726,builder module 729, and consumption module 732. Planner module 723 canbe configured to plan cloud-computing service provided by platform 720by inventorying, profiling, characterizing and prioritizing computerworkloads, such as programs, applets, calculations, applications,servers, or services. For example, with respect to software/applicationdevelopment, planner module 723 may model current applications andassociated software-development life cycle (SDLC) phases to determinewhat infrastructure environments would be required or preferred. Thismay include defining security, privacy, management or other profiles foreach SDLC phase of each application. The profiles, in turn, willidentify existing infrastructure and systems that support the SDLCphases, and manage relationships between the infrastructure, systems andthe applications. Profiles may also contain characteristics regardingthe SDLC phases or attributes relevant to development, deployment orperformance of infrastructure, systems, or workloads, such as latency,geography, responsiveness, bandwidth, storage capacity, processingspeed, processing type, platforms involved (including operating system,file types, communication protocols, and the like), data involved,protocols used, and specific institutional requirements. In terms ofprioritizing the cloud-computing services needed for the SDLC phases,planner 723 may first identify which SDLC computing environments andsystems would be suitable for cloud computing or migration to cloudcomputing, and then prioritize the enablement and operability of newlydeveloped or migrated computer workloads according to the SDLC phases.Subsequently, the characterizations determined by planner module 723 canbe used by builder module 729 to build a cloud-computing service or todeploy a computer workload to a cloud-computing resource. In the plannermodule 723 or in other components of the platform 720 associated withthe planner module 23 the user may have access to, or may create ormodify, policy information relevant to the computer workloads with whichthe user can interact in the planner module 723. The policy informationmay be stored in or associated with a meta model, which may enable theidentification, characterization, and storage of a wide range ofinformation, including policy information, that can be associated with agiven workload. The metamodel data, including policy information, can beassociated with the workload such that throughout the various componentsof the platform 720, from planning through deployment to a cloud, theworkflow can be handled in a manner that is consistent with themetamodel data, and in particular consistent with the policies that areapplicable to that workload. In the planner module 723 the planner/usermay thus plan the use of workloads in a manner that is consistent withtechnical, operational, and business requirements that are appropriatewith such workload, as seen by association of the same with theworkload, and the planner/user may modify or populate the policiesassociated with the workload, such that the metamodel data for thatworkload embodies and is consistent with the plans of the planner/user.Once associated with the workload, such policies and other metamodeldata are stored by the platform 720 and may be used throughout thedevelopment and deployment cycle.

Builder module 729 can be configured to assemble, validate, and publisha cloud-computing service or computer workload for consumption (i.e.,use) by a user. Builder module 729 may be configured to receivecharacterization information from planner module 723 and build acloud-computing service or computer workload based on the information.For example, builder module 729 may be configured to assemble a cloudcomputing service based on the prioritized list of computer workloadsprovided by planner module 723. Builder module 729 may be configured tocreate and edit scripts for loading computer workloads duringinstallation, startup, runtime, and shutdown of cloud-computing servicesassembled by builder 729. The scripts for the cloud-computing servicesmay be verified and validated before the cloud-computing services arepublished for consumption (i.e., use). The script may have access tometamodel and policy information which may alter how the script uses themetamodel and policy information to make a decision. Additionally,builder module 729 may be configured to associate the computer workloadwith the appropriate cloud-computing service or resource (e.g.,associate an application with an appropriate underlying virtual machineimage or associate a computer workload with a specific network). As withthe planner module 723, in the builder module 729 the user/builder mayhave access to, or may create or modify, policy information relevant tothe computer workloads with which the user can interact in the buildermodule 729, such as the policy information stored in or associated withthe above-referenced meta model, which may enable the identification,characterization, and storage of a wide range of information, includingpolicy information, that can be associated with a given workload. In thebuilder module 729 the builder/user may thus build of workloads in amanner that is consistent with technical, operational, and businessrequirements that are appropriate with such workload, as seen byassociation of the same with the workload, and the builder/user maymodify or populate the policies associated with the workload, such thatthe metamodel data for that workload embodies and is consistent with theplans of the planner/user. In embodiments, the builder module 729 maypresent options to the builder pre-filtered, such as in pre-populatedscripts, filtered drop-down menus, that are dictated by or consistentwith the policies and other metamodel data associated with a workload,omitting, blocking or hiding options that are inconsistent with suchpolicies. For example, a workload that stores customer data could omitthe option to store a social security number if a data privacyregulation prohibits storing such data in the business process to whichthe workload relates. Such automatic pre-filtering, pre-configuration,and blocking ensure consistency with the policies associated with theworkload at the planning stage (or other stages) while also improvingefficiency by removing development paths that might be pursued despitebeing prohibited. In embodiments, the metamodel provides a flexiblestructure to organize metadata and apply the same policies using acombination of system and user supplied metadata that may indicate useof the same policy, however may define the same policy in differentways. For example, in some embodiments, the system may consider a Tier 5datacenter to be the most fault tolerant type of data center and a usermay consider a Tier 1 data center to be the most tolerant. The metamodelallows a policy that requires provisioning in the most fault tolerantdata center to be assigned Tier 5 or Tier 1 metadata, depending on thedefinition of the most fault tolerant data center in that specificoperating environment.

Eventually, builder module 729 can publish a cloud-computing service forconsumption by users. In some embodiments, the builder module 729 canpublish the cloud-computing service to a consumption module 732 (e.g.,store or storefront such as an application store, a service store, or asoftware stack store) where users can preview, select, and subscribe toa cloud-computing service for use. Further, in some embodiments, thebuilder module 729 can enter the cloud-computing service in repository730 when it is ready and available for consumption by users. Embodimentsmay also be configured for the builder module 729 such that thedevelopment community can approve or disapprove of the cloud-computingservice before publication.

Consumption module 732 is configured to allow a user to subscribe to,collaborate on, and assess a cloud-computing service published forconsumption. For example, a user can preview cloud-computing servicesavailable for deployment to the virtual private cloud and consumption.Then, when a user wants to subscribe and invoke a cloud-computingservice for usage, the user can invoke the cloud-computing service on aself-service, on-demand basis through the consumption module 732.Consumption module 732 may list published available cloud-computingservice at or near real-time, and allow a user to request updates andinformation on a listed cloud-computing service. In some embodiments,the consumption module 732 may allow users to collaborate on where,what, and how many cloud-computing services are deployed forconsumption. In further embodiments, consumption module 732 may allow auser to comment on and rate cloud-computing services, or assess the costassociated with deploying and using a cloud-computing service. As notedabove, as with the planning module 723 and the builder module 729, theconsumption module 732 has access to policy information and othermetamodel data that is associated with each workload, such that theworkload may be consumed only in a manner that is consistent with suchpolicy information. Thus consumption policies related to permitted time,permitted sets of users, security, pricing, resource consumption rules,and a wide variety of other policies may be maintained by theconsumption module based on the policies associated with the workload inthe platform 720.

Manager module 726 can be configured to provision one or morecloud-computing resources for a cloud-computing service or computerworkload, manage one or more cloud-computing resources for thecloud-computing service or computer workload, and monitor one or morecloud-computing resources for the cloud-computing service or computerworkload. For example, manager module 726 may provision one or morecloud-computing resources (e.g., provision one or more virtual machineinstances) for a published cloud-computing service that is invoked fromthe consumption module 732. Upon invoking the cloud-computing service,the manager module 726 may deploy and start the one or morecloud-computing resources to the virtual private cloud for thecloud-computing service.

With respect to control, manager module 726 may control the start, stop,or run-time of one or more cloud-computing resources (e.g., controlstart, stop, or run-time of virtual machine instance) for acloud-computing service. Manager module 726 may further schedule thestart and stop time windows for the one or more cloud-computingresources, or govern a service level, such as per a service levelagreement (SLA), or a threshold associated with the one or morecloud-computing resources. Through its control, manager module 726 cangovern the cloud-computing resource according to conditions,constraints, security policies, or non-security policies. Manager module726 may also monitor the one or more cloud-computing resources, detectsecurity intrusions, and monitor the consumption of cloud-computingservices their associated cloud-computing resources in order todetermine the costs accrued by a user. Aspects of cloud-computingresources monitored by manager module 726 include, for example, centralprocessing unit (CPU) usage, memory usage, data storage usage, datainput/output usage, application usage, workload usage, service usage,and other attributes of usage of a service or a computer workload.

In some embodiments, manager module 726 is configured such that a usercan request a planner using the planner module 723 to change the designof a cloud-computing service. For example, a user may request that thecloud-computing service change or computer workload with respect to thecloud-computing resources utilized (e.g., change to a platform stack).As in the other components of the platform 720, in the manager module726 the user may have access to, or may create or modify, policyinformation or metamodel data relevant to the computer workloads withwhich the user can interact in the manager module 726. The manager/userof the manager module 726 may thus manage the provisioning ofinfrastructure and platform elements such that usage will be consistentwith the policies of the enterprise, including operational and businesspolicies, as well as technical requirements. For example, provisioningto expensive infrastructure elements may be confined to workloads thatsatisfy business rules that distinguish between mission criticalelements and other elements. The manager/user of the manager module 726may be provided with access to the policies consistent with themetamodel framework, and in embodiments may be provided withpre-filtered options, such as in menu choices, decision trees, or thelike, that are consistent with such policies. For example, a workloaddesignated as non-critical in its metamodel data could automaticallyappear in the manager module with deployment options confined torelatively low cost clouds, while a mission-critical workload mightappear with all different cloud options (or ones that are filtered tosatisfy certain requirements as to low latency, bandwidth, storagecapacity, guaranteed quality of service, or the like). As with othermodules, the manager module 726 may thus enforce policy whilestreamlining workflow, improving both effectiveness and efficiency.

In some embodiments, the cloud-computing platform can also comprise arepeated use module 750, as shown in FIG. 7. The repeated use module 750can be configured to facilitate or provide for the repeated use (e.g.,recursive consumption and/or publication) of computing resources orofferings. In some implementations, the repeated use module 750 cancorrespond to the repeated use module 102 of FIG. 1, the repeated usemodule 202 of FIG. 2, the repeated use module 302 of FIG. 3, and/or therepeated use module 400 of FIG. 4.

In some cases, the repeated use module 750 can be implemented assoftware, hardware, or any combination thereof. In some embodiments, therepeated use module 750 can be implemented in, integrated with, or cancorrespond to a service catalog or a self-service portal. In someembodiments, the repeated use module 750 can be implemented as or residewith (at least a portion of) the cloud computing platform 720. Moreover,in some embodiments, the repeated use module 750 can be implemented, inpart or in whole, in one or more of the various modules included withthe cloud computing platform 720. For example, the repeated use module750 can be implemented, in part or in whole, in a scheduling module ofthe cloud computing platform 720 and/or in the manager module 726 of thecloud computing platform 720.

FIG. 8 shows a diagram illustrating an example management module 826(e.g., management module 726 in FIG. 7) in further detail. Asillustrated, management module 826 comprises governor module 803configured to govern operation of a cloud-computing services and itsassociated cloud-computing resources, provisioning module 806 configuredto provision cloud-computing resources for a cloud-computing service,and monitoring module 812 configured to facilitate the variousmonitoring functions of management module 826.

In embodiments, the present disclosure may provide for a policy-driveninfrastructure as a service (IaaS) event bus, which can be comprised ofa policy engine, metamodel, reporting system, and workflow engine; andallows for the creation of business policies, such that said businesspolicies can be reflected into a dynamic information technologyenvironment and expressed across internal and external informationtechnology infrastructure, regardless of operating system, programminglanguage, middle-ware solution, application platform, or cloud provider,by making use of abstraction layers. The workflow engine provides anintegration point between the IaaS event bus and workflow management.The abstraction layers allow for integration with applicationprogramming interfaces made available by different vendors, businessmodels, technical models, eventing and altering channels and monitoringsystems in a vendor agnostic manner. In embodiments the abstractionlayer could be a cloud-computing provider. A cloud computing providermay be VMWare, Baremetal, Amazon EC2, Savvis, TerreMark, MicrosoftHyperV, and the like. In other embodiments, there may be multiple layersof abstraction in an abstraction layer.

The policy engine allows policies to be created through an easy to usevisual interface that allows users that do not necessarily haveinformation technology skills or other programming skills to author andassign policies to workloads. The policies can be expressed vialanguages such as XML, and the like. In some embodiments of the presentdisclosure a policy could be an event policy. An event policy supportsmatching one or more events that are temporally related and generate anotification action when matches occur. An event can be defined aseither a threshold condition or matching constraints specified as rules.A rule can be comprised of one or more match constraints and each matchconstraint must be satisfied, by a logical “and” operation, within aspecified sliding time window in order for the notification actions tobe invoked. A match specifies the set of conditions that must besatisfied to match an event. Each condition specifies a property of anevent or object contained by the event, which is matched against a setof one or more values using the supplied comparison operation Ifmultiple values are supplied for a condition then the result is alogical “or” operation of the property being compared and against eachvalue individually. Any of the event properties or properties of objectscontained within the event structure may be used to refine the matchcriteria. For example, an auto-scaling policy may be created to add moreweb and database servers according to a ration if a business applicationbecomes heavily loaded, in order to reduce the load on that application.In another example, an auto-scaling policy with business awareness maybe created that deploys additional business topologies according to analgorithm if revenue per hour exceeds a threshold.

The metamodel allows the system to abstract business user definitionfrom technical definition and allows an enterprise to track informationabout information technology resources that were unknown when the systemwas created. By abstracting the business user definition from thetechnical definition, the metamodel allows business users to define dataclasses consistent with their enterprise nomenclature, while still beingable to map them consistently to the internal system. For example a Tier4 data center is common technical classification of a data center thatgenerally has the highest uptime, however some enterprises refer to Tier4 data centers as Tier 1 and the metamodel would allow Tier 1 and Tier 4to be used interchangeably, depending on the definition used by aspecific enterprise. This provides a benefit to the enterprise byeliminating the need to write specific policies for each instance or theneed to customize each abstraction layer for individual instances. Bytracking information about IT resources that were unknown when thesystem was created, the metamodel allows business users to arbitrarilydefine elements of data to track and create policy after the system wasbuilt, also allowing the users to track a specific piece of informationthat is defined for any resources that are managed by the system.Resources could be networks, storage, servers, workloads, topologies,applications, business units, and the like.

In other further embodiments, the policy-driven infrastructure as aservice may also include additional components. Additional componentsmay be reporting, auditing, and federated identify management systems.

In embodiments, the present disclosure may provide for a visual policyeditor, which provides an easy-to-use graphical user interface to afeature-rich and extensible policy engine, using a visual programminglanguage and policies, eliminating the need for the user to writecomplex code to define, assign, and enforce policies. The graphical userinterface allows the user to author policies using a visualdrag-and-drop interface or an XML editor. The visual programminglanguage functions could be loops, variables, branching, switching,pulling of attributes, code execution within a policy, and the like. Forexample the visual programming language could access an external pricingengine that contains live pricing information, then make a decision onthe next step of the execution process, based on the information itreceives from the pricing engine. In some embodiments, policies can beenforced at an object level. Objects could be organizational groups,individual projects, different deployment environments, and the like.Policies could be access control policies, firewall policies,event-based policies and the like. Access control policies could includepackages, scripts, and the like. Access control policies could bedefined by cloud or other service providers, network attributes, networkgeographic location, security policies, and the like. Firewall policiesmay include port and network ACL lists that are applied as policies andapplied at container level to ensure conformance to corporate standardsfor port opening/closing. Event based policies relate to service levelmanagement and could include compound threshold rules that trigger anaction, lifecycle event management, compound event sequences, signaturedetection, and policy stacking, and the like. For example, a policycould be defined to restrict deployment of a computing workload toprivate internal clouds in a specific country.

In embodiments, the present disclosure may provide for automatedprocesses to support a continuous integration cycle to migrate acomputing workload from a development environment to an operationalenvironment. The continuous integration cycle may include maintaining acode repository, automating the build process, self-testing the buildprocess, automatically deploying the build, and the like. The policiesand metamodels defined and assigned to the computing workloadenvironment follow the build from its creation using the Builder Modulethrough to its publication into the Consumption module. This capabilityallows the enterprise to greatly reduce the time required to develop,test, deploy and update a computing workload. Continuous integration mayalso include ensuring the modernization, patch management, conformingconfiguration of deployed cloud-computing services. The embodiments mayprovide this service as DevToOps policy allowing centrally definedservice definition that deployed cloud-compute services can compareagainst and either update themselves when their configuration no longermatches, warn administrators of non-conformance, rewrite themselves backto conformance when configurations of the cloud-compute services aremade arbitrarily, and the like.

As noted before, various embodiments of the present disclosure providestandardized access, management, or control to different types ofcloud-computing resources on a self-service, on-demand basis without theuser needing to know the specific instructions or details for accessing,managing, or controlling those different target cloud-computingresources.

In some implementations, in order to translate a standard managementaction for a cloud-computing service to instructions for itscloud-computing resource and/or instructions for a computer workload tobe executed on a cloud-computing resource, some management modules maycomprise a cloud model data store 809 that maps the management action tothe appropriate cloud-computing resources. Subsequently, the managementaction can be translated to one or more instructions for a targetcloud-computing resource and/or a computer workload operating thereon.For example, a topology is an example of a cloud service, where atopology can be comprised of a number of individual virtual machinesorchestrated together. A common management action to perform on atopology is to start it. This simple topology start action within themanagement layer gets turned into a number of individual instructionsthat get passed down into the cloud service bus 815, such as (1)calculate the Start Up order for topology, (2) initiate ordered startupone VM at a time, (3) as VM's come up, attach volumes that areassociated with the VM, (4) install any packages and software onto theVM's, and (5) once all machines are up and running the topology statuschanges to running.

Cloud service bus 815 may be utilized to parse management instructionsreceived from the manager module 826, transform the managementinstructions to instructions compatible with the target cloud-computingresource, and route the management instruction to the targetedcloud-computing resource. In some embodiments, the cloud service bus 815can then route, via a connection module(s) 818, the instructions to theapplication program interface (API) 821 for a target cloud-computingresource from an external commercial cloud resource(s) 827, or to thevirtual machine manager (VMM) (e.g., hypervisor) 824 for a targetcloud-computing resource from an internal private cloud resource(s) 830.

Hardware Implementation

The foregoing processes and features can be implemented by a widevariety of machine and computer system architectures and in a widevariety of network and computing environments. FIG. 9 illustrates anexample of a computer system 900 that may be used to implement one ormore of the embodiments described herein in accordance with anembodiment of the invention. The computer system 900 includes sets ofinstructions for causing the computer system 900 to perform theprocesses and features discussed herein. The computer system 900 may beconnected (e.g., networked) to other machines. In a networkeddeployment, the computer system 900 may operate in the capacity of aserver machine or a client machine in a client-server networkenvironment, or as a peer machine in a peer-to-peer (or distributed)network environment. In an embodiment of the invention, the computersystem 900 may be a component of the networking system described herein.In an embodiment of the present disclosure, the computer system 900 maybe one server among many that constitutes all or part of a networkingsystem.

The computer system 900 can include a processor 902, a cache 904, andone or more executable modules and drivers, stored on acomputer-readable medium, directed to the processes and featuresdescribed herein. Additionally, the computer system 900 may include ahigh performance input/output (I/O) bus 906 or a standard I/O bus 908. Ahost bridge 910 couples processor 902 to high performance I/O bus 906,whereas I/O bus bridge 912 couples the two buses 906 and 908 to eachother. A system memory 914 and one or more network interfaces 916 coupleto high performance I/O bus 906. The computer system 900 may furtherinclude video memory and a display device coupled to the video memory(not shown). Mass storage 918 and I/O ports 920 couple to the standardI/O bus 908. The computer system 900 may optionally include a keyboardand pointing device, a display device, or other input/output devices(not shown) coupled to the standard I/O bus 908. Collectively, theseelements are intended to represent a broad category of computer hardwaresystems, including but not limited to computer systems based on thex86-compatible processors manufactured by Intel Corporation of SantaClara, Calif., and the x86-compatible processors manufactured byAdvanced Micro Devices (AMD), Inc., of Sunnyvale, Calif., as well as anyother suitable processor.

An operating system manages and controls the operation of the computersystem 900, including the input and output of data to and from softwareapplications (not shown). The operating system provides an interfacebetween the software applications being executed on the system and thehardware components of the system. Any suitable operating system may beused, such as the LINUX Operating System, the Apple Macintosh OperatingSystem, available from Apple Computer Inc. of Cupertino, Calif., UNIXoperating systems, Microsoft® Windows® operating systems, BSD operatingsystems, and the like. Other implementations are possible.

The elements of the computer system 900 are described in greater detailbelow. In particular, the network interface 916 provides communicationbetween the computer system 900 and any of a wide range of networks,such as an Ethernet (e.g., IEEE 802.3) network, a backplane, etc. Themass storage 918 provides permanent storage for the data and programminginstructions to perform the above-described processes and featuresimplemented by the respective computing systems identified above,whereas the system memory 914 (e.g., DRAM) provides temporary storagefor the data and programming instructions when executed by the processor902. The I/O ports 920 may be one or more serial and/or parallelcommunication ports that provide communication between additionalperipheral devices, which may be coupled to the computer system 900.

The computer system 900 may include a variety of system architectures,and various components of the computer system 900 may be rearranged. Forexample, the cache 904 may be on-chip with processor 902. Alternatively,the cache 904 and the processor 902 may be packed together as a“processor module”, with processor 902 being referred to as the“processor core”. Furthermore, certain embodiments of the invention mayneither require nor include all of the above components. For example,peripheral devices coupled to the standard I/O bus 908 may couple to thehigh performance I/O bus 906. In addition, in some embodiments, only asingle bus may exist, with the components of the computer system 900being coupled to the single bus. Furthermore, the computer system 900may include additional components, such as additional processors,storage devices, or memories.

In general, the processes and features described herein may beimplemented as part of an operating system or a specific application,component, program, object, module, or series of instructions referredto as “programs”. For example, one or more programs may be used toexecute specific processes described herein. The programs typicallycomprise one or more instructions in various memory and storage devicesin the computer system 900 that, when read and executed by one or moreprocessors, cause the computer system 900 to perform operations toexecute the processes and features described herein. The processes andfeatures described herein may be implemented in software, firmware,hardware (e.g., an application specific integrated circuit), or anycombination thereof.

In one implementation, the processes and features described herein areimplemented as a series of executable modules run by the computer system900, individually or collectively in a distributed computingenvironment. The foregoing modules may be realized by hardware,executable modules stored on a computer-readable medium (ormachine-readable medium), or a combination of both. For example, themodules may comprise a plurality or series of instructions to beexecuted by a processor in a hardware system, such as the processor 902.Initially, the series of instructions may be stored on a storage device,such as the mass storage 918. However, the series of instructions can bestored on any suitable computer readable storage medium. Furthermore,the series of instructions need not be stored locally, and could bereceived from a remote storage device, such as a server on a network,via the network interface 916. The instructions are copied from thestorage device, such as the mass storage 918, into the system memory 914and then accessed and executed by the processor 902. In variousimplementations, a module or modules can be executed by a processor ormultiple processors in one or multiple locations, such as multipleservers in a parallel processing environment.

Examples of computer-readable media include, but are not limited to,recordable type media such as volatile and non-volatile memory devices;solid state memories; floppy and other removable disks; hard diskdrives; magnetic media; optical disks (e.g., Compact Disk Read-OnlyMemory (CD ROMS), Digital Versatile Disks (DVDs)); other similarnon-transitory (or transitory), tangible (or non-tangible) storagemedium; or any type of medium suitable for storing, encoding, orcarrying a series of instructions for execution by the computer system900 to perform any one or more of the processes and features describedherein.

For purposes of explanation, numerous specific details are set forth inorder to provide a thorough understanding of the description. It will beapparent, however, to one skilled in the art that embodiments of thedisclosure can be practiced without these specific details. In someinstances, modules, structures, processes, features, and devices areshown in block diagram form in order to avoid obscuring the description.In other instances, functional block diagrams and flow diagrams areshown to represent data and logic flows. The components of blockdiagrams and flow diagrams (e.g., modules, blocks, structures, devices,features, etc.) may be variously combined, separated, removed,reordered, and replaced in a manner other than as expressly describedand depicted herein.

Reference in this specification to “one embodiment”, “an embodiment”,“other embodiments”, “one series of embodiments”, “some embodiments”,“various embodiments”, or the like means that a particular feature,design, structure, or characteristic described in connection with theembodiment is included in at least one embodiment of the disclosure. Theappearances of, for example, the phrase “in one embodiment” or “in anembodiment” in various places in the specification are not necessarilyall referring to the same embodiment, nor are separate or alternativeembodiments mutually exclusive of other embodiments. Moreover, whetheror not there is express reference to an “embodiment” or the like,various features are described, which may be variously combined andincluded in some embodiments, but also variously omitted in otherembodiments. Similarly, various features are described that may bepreferences or requirements for some embodiments, but not otherembodiments.

It should also be appreciated that the specification and drawings are tobe regarded in an illustrative sense. It can be evident that variouschanges, alterations, and modifications can be made thereunto withoutdeparting from the broader spirit and scope of the disclosed technology.

Moreover, the language used herein has been principally selected forreadability and instructional purposes, and it may not have beenselected to delineate or circumscribe the inventive subject matter. Itis therefore intended that the scope of the invention be limited not bythis detailed description, but rather by any claims that issue on anapplication based hereon. Accordingly, the disclosure of the embodimentsof the invention is intended to be illustrative, but not limiting, ofthe scope of the invention, which is set forth in the following claims.

What is claimed:
 1. A computer-implemented method comprising: providing,by a computing system, access to an Infrastructure-as-a-Service (IaaS)resource via a service catalog, the IaaS resource being created by afirst entity, and associated with a first cost; presenting, by thecomputing system, the service catalog at an electronic storefront;receiving, by the computing system, a Platform-as-a-Service (PaaS)resource, the PaaS resource being created by a second entity based, atleast in part, on the IaaS resource; providing, by the computing system,access to the PaaS resource via the service catalog at the electronicstorefront, the PaaS resource associated with a second cost; receiving,by the computing system, a Software-as-a-Service (SaaS) resource, theSaaS resource being created by a third entity based, at least in part,on the PaaS resource; providing, by the computing system, access to theSaaS resource via the service catalog at the electronic storefront, theSaaS resource associated with a third cost; tracking, by the computingsystem, relational information associated with the IaaS resource, thePaaS resource, and the SaaS resource, wherein, tracking, by thecomputing system, the relational information associated with the IaaSresource, the PaaS resource, and the SaaS resource comprises trackingfinancial relational information, such that access of the SaaS resourceby a fourth user results in allocation of the first cost to the firstentity, the second cost to the second entity, and the third cost to thethird entity, and access of the PaaS resource by the fourth user resultsin allocation of the first cost to the first entity, and the second costto the second entity; allocating, by the computing system, a paymentfrom the second entity and the third entity, wherein the third costincludes the second cost, wherein the second cost includes the firstcost, and wherein an amount of the payment includes the first cost;wherein the relational information associated with the IaaS resource,the PaaS resource, and the SaaS resource further comprises licensingterms specifying one or more constraints; and limiting, by the computingsystem, access to the IaaS resource, the PaaS resource, and the SaaSresource based on the one or more constraints specified by the licensingterms.
 2. The computer-implemented method of claim 1, wherein therelational information further includes at least one of service-levelagreement (SLA) information, or configuration information.
 3. Thecomputer-implemented method of claim 1, further comprising: providing,by the computing system, a marketplace configured to facilitate one ormore interactions among users of the service catalog.
 4. Thecomputer-implemented method of claim 1, wherein the computing system isassociated with an abstraction layer of a cloud management system.
 5. Asystem comprising: at least one processor; and a memory storinginstructions that, when executed by the at least one processor, causethe system to perform: providing access to anInfrastructure-as-a-Service (IaaS) resource via a service catalog, theIaaS resource being created by a first entity, and associated with afirst cost; presenting the service catalog at an electronic storefront;receiving a Platform-as-a-Service (PaaS) resource, the PaaS resourcebeing created by a second entity based, at least in part, on the IaaSresource; providing access to the PaaS resource via the service catalogat the electronic storefront, the PaaS resource associated with a secondcost; receiving a Software-as-a-Service (SaaS) resource, the SaaSresource being created by a third entity based, at least in part, on thesecond-level computing resource; providing access to the SaaS resourcevia the service catalog at the electronic storefront, the SaaS resourceassociated with a third cost; tracking relational information associatedwith the IaaS resource, the PaaS resource, and the SaaS resource,wherein tracking the relational information associated with the IaaSresource, the PaaS resource, and the SaaS resource comprises trackingfinancial relational information, such that access of the SaaS resourceby a fourth user results in allocation of the first cost to the firstentity, the second cost to the second entity, and the third cost to thethird entity, and access of the PaaS resource by the fourth user resultsin allocation of the first cost to the first entity, and the second costto the second entity; allocating a payment from the second entity andthe third entity, wherein the third cost includes the second cost,wherein the second cost includes the first cost, and wherein an amountof the payment includes the first cost; wherein the relationalinformation associated with the IaaS resource, the PaaS resource, andthe SaaS resource further comprises licensing terms specifying one ormore constraints; and limiting access to the IaaS resource, the PaaSresource, and the SaaS resource based on the one or more constraintsspecified by the licensing terms.
 6. A non-transitory computer-readablestorage medium including instructions that, when executed by at leastone processor of a computing system, cause the computing system toperform: providing access to an Infrastructure-as-a-Service (IaaS)resource via a service catalog, the IaaS resource being created by afirst entity, and associated with a first cost; presenting the servicecatalog at an electronic storefront; receiving a Platform-as-a-Service(PaaS) resource, the PaaS resource being created by a second entitybased, at least in part, on the IaaS resource; providing access to thePaaS resource via the service catalog at the electronic storefront, thePaaS resource associated with a second cost; receiving aSoftware-as-a-Service (SaaS) resource, the SaaS resource being createdby a third entity based, at least in part, on the second-level computingresource; providing access to the SaaS resource via the service catalogat the electronic storefront, the SaaS resource associated with a thirdcost; tracking relational information associated with the IaaS resource,the PaaS resource, and the SaaS resource, wherein tracking therelational information associated with the IaaS resource, the PaaSresource, and the SaaS resource comprises tracking financial relationalinformation, such that access of the SaaS resource by a fourth userresults in allocation of the first cost to the first entity, the secondcost to the second entity, and the third cost to the third entity, andaccess of the PaaS resource by the fourth user results in allocation ofthe first cost to the first entity, and the second cost to the secondentity; allocating a payment between the second entity and the thirdentity, wherein the third cost includes the second cost, wherein thesecond cost includes the first cost, and wherein an amount of thepayment includes the first cost; wherein the relational informationassociated with the IaaS resource, the PaaS resource, and the SaaSresource further comprises licensing terms specifying one or moreconstraints; and limiting access to the IaaS resource, the PaaSresource, and the SaaS resource based on the one or more constraintsspecified by the licensing terms.
 7. The system of claim 5, wherein therelational information further includes at least one of service-levelagreement (SLA) information, or configuration information.
 8. The systemof claim 5, further comprising: providing a marketplace configured tofacilitate one or more interactions among users of the service catalog.9. The system of claim 5, wherein the computing system is associatedwith an abstraction layer of a cloud management system.
 10. The mediumof claim 6, wherein the relational information further includes at leastone of service-level agreement (SLA) information, or configurationinformation.
 11. The medium of claim 6, further comprising: providing amarketplace configured to facilitate one or more interactions amongusers of the service catalog.
 12. The medium of claim 6, wherein thecomputing system is associated with an abstraction layer of a cloudmanagement system.